FBI turns to insurers to grasp the full reach of ransomware

Tim Manley didn’t even know who to call. As the president of National Ink and Stitch, Manley had to figure out how to recover files that hackers had encrypted as part of a ransomware attack on the small screen-printing business. Malicious software called only “LockedIn” struck the Maryland company’s systems on Dec. 2, 2016, scrambling 16 years’ worth of the company’s intellectual property, like proprietary logos and designs. So Manley paid the two bitcoin that extortionists had demanded to free his files. It totaled about $1,500. Instead of letting National Ink and Stitch get back to work, though, the hackers asked for more money. That’s when the company president filed a report with the local police department and spent $110,000 on an IT contractor that, to this day, hasn’t recovered all the locked files. At the time, federal law enforcement wasn’t even on Manley’s list of potential allies. He didn’t alert the […]

The post FBI turns to insurers to grasp the full reach of ransomware appeared first on CyberScoop.

Continue reading FBI turns to insurers to grasp the full reach of ransomware

Scammers Target U.S. Troops with Fake COVID-19 Tests

Scammers continue to piggyback on the COVID-19 Coronavirus scare with new tricks, this time targeting U.S. Army service members with phone calls requesting their personal information and promising a testing kit to check if they’re infected, accor… Continue reading Scammers Target U.S. Troops with Fake COVID-19 Tests

On Cyber Warranties

Interesting article discussing cyber-warranties, and whether they are an effective way to transfer risk (as envisioned by Ackerlof’s "market for lemons") or a marketing trick. The conclusion: Warranties must transfer non-negligible amounts of liability to vendors in order to meaningfully overcome the market for lemons. Our preliminary analysis suggests the majority of cyber warranties cover the cost of repairing the… Continue reading On Cyber Warranties

Beazley: ransomware claims more than doubled in the last year

Ransomware attacks on a prominent insurer’s client base rose by more than 100% last year, driven by new attacks on healthcare, professional services and financial institutions, according to new figures released Monday. Beazley Breach Response services, a unit of the London-based insurance firm, said Monday that its clients reported 775 ransomware attacks in 2019, a 131% increase over the previous year. The spike was motivated by a combination of factors, including the increased accessibility of pernicious strains of malicious software, higher demands and the simple inability of enterprises to fend off phishing emails or protect remote desktop protocol technology. The numbers are the latest addition to a pervasive ransomware problem that has been difficult to quantify. Victims often do not report attacks to law enforcement, while extortion demands range from thousands to millions of dollars. Meanwhile insurers like Beazley are asked to cover ransomware claims, and typically keep their risk […]

The post Beazley: ransomware claims more than doubled in the last year appeared first on CyberScoop.

Continue reading Beazley: ransomware claims more than doubled in the last year

When Scams Collide: E-Mail Fraud and Insurance

Should insurance companies be on the hook to cover losses for cyberfraud? If you are the victim of a business email compromise (BEC) and are induced to wire-transfer a client’s funds to the wrong account, who pays for the damages? And if you have insu… Continue reading When Scams Collide: E-Mail Fraud and Insurance

AIG must cover client’s $5.9 million in cyber-related losses, judge rules

Insurance giant AIG must cover nearly $6 million in losses for a client that was fleeced by an email scam carried out by suspected Chinese hackers, a federal court has decided. A judge in the Southern District of New York ruled Wednesday that AIG was in breach of contract when it previously denied a claim from SS&C Technologies, a $6 billion financial technology firm. In 2016, hackers defrauded SS&C out of $5.9 million by sending spoofed emails that appeared to be from an SS&C client, Tillage Commodities, asking SS&C employees to transfer money. After SS&C carried out the transactions, Tillage took legal action, resulting in a settlement. While AIG covered SS&C’s court dispute with Tillage, SS&C also sought filed a claim seeking to have AIG cover the stolen $5.9 million. AIG denied the claim. The insurance company had argued its policy included an exclusion stipulating that SS&C was not covered […]

The post AIG must cover client’s $5.9 million in cyber-related losses, judge rules appeared first on CyberScoop.

Continue reading AIG must cover client’s $5.9 million in cyber-related losses, judge rules

Judge forces insurer to help small business to clean up after a crippling ransomware attack

At least one insurance company will cover the costs from a cyberattack against one of its clients. A Maryland federal judge on Thursday ruled that an Ohio insurer must cover the costs following a ransomware attack that forced a client to replace much of its technology. State Auto Property & Casualty Insurance is on the hook for losses incurred by National Ink & Stitch, a Maryland screen printing business, after a 2016 hack resulted in “direct physical loss or damage” of National Ink & Stitch’s property. No dollar figure has been set yet. The embroidery company had sought $310,000 in damages from State Auto, which has a $1.3 billion market cap. The summary judgment decision from Judge Stephanie A. Gallagher, of the U.S. District Court of Maryland, comes amid ongoing skepticism with the way insurance companies have waded into data security incidents, which are difficult to predict. As a number […]

The post Judge forces insurer to help small business to clean up after a crippling ransomware attack appeared first on CyberScoop.

Continue reading Judge forces insurer to help small business to clean up after a crippling ransomware attack

Ransomware Infects Main Server of Large Insurance Company in Oman

A ransomware attack has hit Oman United Insurance Company SAOG, one of the largest insurers in Oman, but operations apparently remain unaffected. Finance is one of the sectors most targeted by hackers, including banks, fintech firms, or insurance compa… Continue reading Ransomware Infects Main Server of Large Insurance Company in Oman